path: root/ReverseEngineering/Get-NtSystemInformation.ps1
Age | Commit message | Author | Files | Lines
2013-11-13 | Normalized all scripts to ASCII encoding | mattifestation | 1 | -1/+1
2013-08-17 | Explicitly casting types as [Type] (v2.2) | Matt Graeber | 1 | -3/+3
The latest version of .NET added generics to many of the InteropService methods. Therefore, all of my uses of types need to be explicitly cast with [Type].
2013-07-04 | Forgot to add CodeIntegrityInformation to help | Matt Graeber | 1 | -0/+4
2013-07-04 | Get-NtSystemInformation can now query UMCI info | Matt Graeber | 1 | -0/+34
Get-NtSystemInformation now returns SystemCodeIntegrityInformation - i.e. user-mode code integrity settings. This required reverse engineering a dll that is only present on Windows 8 ARM devices.
2013-06-01 | Type names added to Get-NtSystemInformation | Matt Graeber | 1 | -1/+225
When displaying handle information, you can now filter by and display object type names: Get-NtSystemInformation
2013-05-29 | Silly me. Just discovered the SetOffset method. | Matt Graeber | 1 | -77/+75
Thanks @JosephBialek!
2013-05-16 | Added _SYSTEM_LOCK_INFORMATION struct | Matt Graeber | 1 | -1/+55
Yet another method of leaking kernel pointers.
2013-05-13 | Cleaned up Get-NtSystemInformation | Matt Graeber | 1 | -2385/+81
* Removed the unnecessary NTSTATUS entries
* Used splatting instead of backticks
* Fixed a n00b memory management error as well.
2013-05-12 | Object access mask now displays properly | Matt Graeber | 1 | -2/+3
2013-05-12 | Removed duplicate type definition | Matt Graeber | 1 | -15/+0
2013-05-12 | Removed some extraneous comments | Matt Graeber | 1 | -17/+17
2013-05-12 | Added Get-NtSystemInformation | Matt Graeber | 1 | -0/+3086
Get-NtSystemInformation is a wrapper function for NtQuerySystemInformation. It is a swiss-army knife tool for obtaining internal OS information. It can currently be used to query the following: global flags, handles, objects, kernel pool allocations, and loaded kernel modules